minecraft-installer.exe

Boot Compute

This adware bundler is distributed through Adknowledge's advertising-supported software managers. The application minecraft-installer.exe, “Software Installer” by Boot Compute, has been detected as adware by 27 anti-malware scanners. The program is a setup application that uses the Adknowledge Fusion installer. The installer is marketed through download portals and search ads as Minecraft, but it also installs additional software offers, which include adware, PUPs and browser toolbars. The file has been seen being downloaded from freefastsoftware.com.
Publisher:
Software Installer   (signed by Boot Compute)

Product:
Software Installer

Description:
Software Installer

Version:
2.4.8.1

MD5:
4287be1e97a8c6ecedf0b5a64168fa85

SHA-1:
dafc6008ace9c9fafac8837d53dae6791e7d7d42

SHA-256:
60abf06d5de67a7fac49057f46a930f8666f904ed4c7c1ffe54bda987f023075

Scanner detections:
27 / 68

Status:
Adware

Explanation:
This installer bundles various adware programs that may include toolbars and web browser advertising injectors/extensions.

Description:
This 'download manager' is also considered bundleware: a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
11/14/2024 3:18:34 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Kazy.466534 | 381 |
| AhnLab V3 Security | | 2014.09.19 |
| Avira AntiVirus | Adware/iBryte.bxox | 7.11.183.194 |
| avast! | Win32:PUP-gen [PUP] | 2014.9-160119 |
| AVG | Adware AdPlugin | 2017.0.2859 |
| Bitdefender | Gen:Variant.Kazy.466534 | 1.0.20.95 |
| Comodo Security | Application.Win32.AgentCV.HWYE | 20030 |
| Dr.Web | Trojan.DownLoader11.30378 | 9.0.1.019 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.466534 | 8.16.01.19.11 |
| ESET NOD32 | Win32/AdWare.iBryte.BD application | 10.7.0.302.0 |
| Fortinet FortiGate | Riskware/Generic.AC.4346808 | 1/19/2016 |
| F-Prot | W32/A-512ed8f8 | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Kazy.466534 | 11.2016-19-01_3 |
| G Data | Gen:Variant.Kazy.466534 | 16.1.24 |
| IKARUS anti.virus | AdWare.AdPlugin | t3scan.1.8.3.0 |
| K7 AntiVirus | Unwanted-Program | 13.185.13943 |
| Kaspersky | not-a-virus:Downloader.Win32.Agent | 14.0.0.790 |
| MicroWorld eScan | Gen:Variant.Kazy.466534 | 17.0.0.57 |
| NANO AntiVirus | Trojan.Win32.DownLoader11.devbwp | 0.28.6.62995 |
| nProtect | Trojan-Clicker/W32.iBryte.271224 | 14.11.06.01 |
| Panda Antivirus | Trj/Genetic.gen | 16.01.19.11 |
| Quick Heal | TrojanDownloader.Badur.A5 | 1.16.14.00 |
| Reason Heuristics | PUP.Adknowledge.BootCompute.Bundler (M) | 16.1.19.23 |
| Sophos | PUA 'iBryte Optimum Installer' | 5.11 |
| Vba32 AntiVirus | | 3.12.26.3 |
| VIPRE Antivirus | Threat.4798837 | 34232 |
| Zillya! Antivirus | Downloader.Agent.Win32.215074 | 2.0.0.1926 |

File size:
238.4 KB (244,088 bytes)

Product version:
2.4.8.1

Copyright:
Copyright (C) 2013 Software Installer

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Adknowledge Fusion

Language:
English (United States)

Common path:
C:\users\{user}\downloads\minecraft-installer.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
3/23/2014 7:00:00 PM

Valid to:
3/24/2015 6:59:59 PM

Subject:
CN=Boot Compute, O=Boot Compute, STREET="4600 Madison Ave, 10th FL", L=Kansas City, S=Missouri, PostalCode=64112, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
059AEF62ABD7F83178378663E98BDE5C

File PE Metadata
Compilation timestamp:
8/31/2014 10:00:27 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:oJx/Ms1+/1uYOa6mEDke4HJViL/z37Fj7N1B39wGslht:oJxUs1gsTDkbJqL3J7HgGsbt

Entry address:
0x10213

Entry point:
E8, BA, 05, 00, 00, E9, D7, FC, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 18, 62, 41, 00, 89, 0D, 14, 62, 41, 00, 89, 15, 10, 62, 41, 00, 89, 1D, 0C, 62, 41, 00, 89, 35, 08, 62, 41, 00, 89, 3D, 04, 62, 41, 00, 66, 8C, 15, 30, 62, 41, 00, 66, 8C, 0D, 24, 62, 41, 00, 66, 8C, 1D, 00, 62, 41, 00, 66, 8C, 05, FC, 61, 41, 00, 66, 8C, 25, F8, 61, 41, 00, 66, 8C, 2D, F4, 61, 41, 00, 9C, 8F, 05, 28, 62, 41, 00, 8B, 45, 00, A3, 1C, 62, 41, 00, 8B, 45, 04, A3, 20, 62, 41, 00, 8D, 45, 08, A3, 2C, 62, 41...

Entropy:
7.2186

Code size:
66 KB (67,584 bytes)

The file minecraft-installer.exe has been seen being distributed by the following URL.
